//package com.geese.module.security.core;
//
//import com.alibaba.fastjson.serializer.JSONSerializer;
//import com.alibaba.fastjson.serializer.SerializeWriter;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.AuthenticationException;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.web.AuthenticationEntryPoint;
//import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
//import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
//import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
//import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
//
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.io.PrintWriter;
//import java.util.HashMap;
//import java.util.Map;
//
///**
// * Created by Z先生 on 2017/2/22.
// */
//@Configuration
//@EnableWebSecurity
//public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
//
//    @Autowired
//    SecurityInterceptor securityInterceptor;
//
//    @Autowired
//    MyUserDetailService myUserDetailService;
//
//    @Autowired
//    TokenUtils tokenUtils;
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests()
//                .antMatchers("/static/**").permitAll()
//                .antMatchers("/api/auth").permitAll()
//                .antMatchers("/wechat/**").permitAll()
//                .antMatchers(
//                        "/admin/**",
//                        "/business/orders/all",
//                        "/ceo/**",
//                        "/api/changepwd",
//                        "/aliyun/**"
//                )
//                .permitAll();
////                .authenticated();
//       /* http
//                .formLogin()
//                .loginPage("/login")
//                .loginProcessingUrl("/login")
//                .usernameParameter("username")
//                .passwordParameter("password")
//                .failureUrl("/login?error")
//                .defaultSuccessUrl("/")
//                .permitAll();
//        http
//                .logout()
//                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
//                .logoutSuccessUrl("/");
//                */
//        http
//               /* .formLogin()
//                .loginProcessingUrl("/login")
//                .successHandler(new RestAuthenticationSuccessHandler())
//                .failureHandler(new RestAuthenticationFileHandler())
//                .and()
//                .logout().logoutSuccessHandler(new RestLogoutSuccessHandler())
//                .and()*/
//                //认证不通过后的处理
//                .exceptionHandling()
//                .authenticationEntryPoint(new RestAuthenticationEntryPoint());
//
//        http.addFilterBefore(securityInterceptor, FilterSecurityInterceptor.class).csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//
//    }@Bean
//    @Override
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//
//
//    @Autowired
//    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(myUserDetailService).passwordEncoder(new BCryptPasswordEncoder());
//    }
//
//    public class RestAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
//
//        @Override
//        public void onAuthenticationSuccess(HttpServletRequest request,
//                                            HttpServletResponse response, Authentication authentication)
//                throws ServletException, IOException {
//
//            String token = tokenUtils.createToken(authentication.getName());
//
//            Map map = new HashMap();
//            map.put("token", token);
//            printJson(200, "登录成功", map, response);
//        }
//    }
//
//    public class RestAuthenticationFileHandler extends SimpleUrlAuthenticationFailureHandler {
//
//        @Override
//        public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
//            printJson(401, "用户名或密码错误", response);
//        }
//    }
//
//    /**
//     * 登出成功后的处理
//     */
//    public class RestLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
//
//        @Override
//        public void onLogoutSuccess(HttpServletRequest request,
//                                    HttpServletResponse response, Authentication authentication)
//                throws IOException, ServletException {
//            //Do nothing!
//            printJson(200, "退出成功", response);
//        }
//    }
//
//    /**
//     * 权限不通过的处理
//     */
//    public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
//
//        @Override
//        public void commence(HttpServletRequest request,
//                             HttpServletResponse response,
//                             AuthenticationException authException) throws IOException {
//
//            printJson(HttpServletResponse.SC_UNAUTHORIZED, "你不配", response);
//           /* response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
//                    "Authentication Failed: " + authException.getMessage());*/
//        }
//    }
//
//
//    /**
//     * 输出JSON响应数据
//     */
//    private void printJson(int code, String message, HttpServletResponse response) throws IOException {
//        Map resultMap = new HashMap();
//        resultMap.put("code", code);
//        resultMap.put("msg", message);
//        printJson(response, getJsonStringOfObj(resultMap));
//    }
//
//    private void printJson(int code, String message, Map map, HttpServletResponse response) throws IOException {
//        Map resultMap = new HashMap();
//        resultMap.put("code", code);
//        resultMap.put("msg", message);
//        resultMap.put("result", map);
//        printJson(response, getJsonStringOfObj(resultMap));
//    }
//
//    /**
//     * 输出JSON响应数据
//     */
//    private void printJson(HttpServletResponse response, String json) throws IOException {
//        PrintWriter out = response.getWriter();
//        out.print(json);
//    }
//
//    /**
//     * 序列化json对象
//     *
//     * @return
//     */
//    private String getJsonStringOfObj(Object obj) {
//        SerializeWriter sw = new SerializeWriter();
//        JSONSerializer serializer = new JSONSerializer(sw);
//        serializer.write(obj);
//        return sw.toString();
//    }
//}
